What is unified endpoint management, and is it right for your business?

Author: Phil Muncaster

Modern business happens at the endpoint—assets such as PCs, laptops and smartphones sit at the intersection of data, people and software, making them a popular target for threat actors. There was a time when most of these endpoints were static and fixed behind the corporate firewall. Perimeter security tools like intrusion detection systems were designed to prevent malicious attacks from getting in.

Today's IT environments are dynamic and distributed—driven by mobility and cloud computing. This has created a large cyber attack surface for IT leaders to protect, which is where unified endpoint management (UEM) comes in. It offers an efficient method of managing endpoint security.

What is UEM, and how does it work?

Unified endpoint management is the ability for IT teams to unify visibility and control of all their mobile, Internet of Things (IoT) and fixed computing devices, wherever they are, from a single console.  

Organizations are increasingly turning to unified endpoint management to cut through complexity and deliver a holistic way to manage risk across a large and growing number of corporate endpoints. 

UEM enables the deployment, security and management of your resources and applications on any device from a single centralized console.

The evolution of unified endpoint management

UEM can be defined in relation to mobile device management (MDM) and enterprise mobility management (EMM).

MDM was the first product type to hit the market. It covers tools designed to update, monitor, secure and configure enterprise mobile devices by remotely enforcing policy.

EMM tools do everything that MDM can do and expand on those capabilities to include containerization to separate personal and corporate data, management and control of specific applications, and identity and access management (IAM).

UEM combines both of the above and adds features to also manage endpoints that aren't mobile devices, such as PCs, printers and IoT devices. Typically, solutions include:

  • Remote updates/patching
  • Automatic tracking of hardware and software inventory
  • Policy (including security control) enforcement
  • Software license management
  • Identity and access management (IAM)
  • Application management
  • Remote management of workstations, IoT devices, etc.
  • Threat detection/monitoring—although typically not threat blocking, which is the job of mobile threat defense

Ultimately, UEM helps to empower user productivity by ensuring they can work securely from anywhere, without needing hands-on device management. By mitigating cyber risk, you could also avoid potentially major financial and reputational damage stemming from a serious breach. 

The Verizon 2022 Mobile Security Index (MSI) found major cyber attacks resulting in data or system downtime involving a mobile/IoT device increased 22%. One-third of businesses that suffered a mobile security compromise said it had lasting repercussions.

Why do you need unified endpoint management?

The era of distributed working began long before the pandemic, but that event has shaped the way enterprise IT works for years to come. Hybrid working arrangements are here to stay, and failing to offer flexibility may be a risk for organizations. This has huge implications for endpoint security.

Home working mobile devices—laptops, tablets and smartphones—empower workers to be more productive. But unless they're regularly patched, correctly configured and protected with endpoint security, they represent a risk. The MSI highlights the challenges for central IT teams:

  • 70% of organizations believe their workforce is more productive working from outside the office
  • But 79% of organizations agree remote working has adversely affected their cyber security and increased the burden on security teams
  • 45% of organizations say they've suffered a compromise involving a mobile device in the past 12 months

Among the main endpoint security threats to remote workers are:

  • Phishing and its variants, as users reading messages on mobile devices may be distracted and more at risk of clicking on malicious missives
  • Malicious apps, usually disguised as legitimate software and sometimes advertised to users through phishing emails
  • Wi-Fi hotspots, which are a common threat to corporate users on the road. Many don't realize that even password-protected hotspots may also be populated by malicious actors

The IoT threat landscape

The endpoint threat extends beyond the modern remote working environment. An explosion in IoT devices, from the factory floor to smart healthcare, has propelled the number of global IoT connections to over 14 billion. This increase has further expanded the corporate attack surface.

Security risks include:

  • Factory default passwords, which create a risk that devices can be easily hijacked
  • A lack of vulnerability management from vendors, meaning firmware isn't regularly updated
  • Exposure to physical tampering or SIM theft, especially devices out in the field
  • The variety of devices on the market, which can make it difficult to craft holistic security policies
  • A long device lifespan, meaning many end up unsupported and/or unsecured

According to the MSI, only 48% of organizations centrally coordinate IoT projects, with just 53% defining IoT security standards that apply to all projects [1]. This could leave significant security gaps that could enable device sabotage, compromise by botnet herders, or device hijacking as a foothold into corporate networks.

The bigger picture

The challenge for enterprise IT and security leaders is to gain visibility and control of all of their endpoints—from on-premises PCs to remote working mobile devices and IoT gadgets. The MSI demonstrates that companies are more reliant on mobile devices, and endpoint security spending is increasing in response [2].

The MSI also reveals that:

  • 40% of organizations aren't confident their current security systems can effectively secure remote work [3]
  • 79% of organizations believe recent changes to working practices adversely impacted their cyber security [4]
  • 77% of organizations are expected to increase their cyber security budget in the next year, and 25% expect it to increase "significantly" [5]

Getting started with unified endpoint management

If you've decided to invest in UEM, what happens next? Bear in mind a few key considerations to help deployments go smoothly:

  • Perform an IT audit to understand how many endpoints you'll be managing
  • Conduct an inventory of critical business applications to gain visibility into what they are, where they're running and if any are on outdated versions
  • Design policy according to your specific compliance requirements and risk appetite
  • Review network requirements that may impact UEM updates
  • Be open with employees about what control you have over their personal devices, consulting human resources and legal where appropriate
  • Remember that device enrollment may take time and require user training to accomplish
  • Consider IT staffing deployment needs and ongoing management and whether partnering with a third-party service provider may be beneficial

Corporate strategies can adapt as technology and user attitudes evolve, meaning flexibility with endpoint security and management is essential.

The author of this content is a paid contributor for Verizon.

[1] Verizon, 2022 Mobile Security Index, page 48.
[2] Verizon, 2022 Mobile Security Index, page 6.
[3] Verizon, 2022 Mobile Security Index, page 15.
[4] Verizon, 2022 Mobile Security Index, page 5.
[5] Verizon, 2022 Mobile Security Index, page 14.